From 40aceeb96af34eae5afd0d219fdb435f7f71a528 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20K=C4=99pie=C5=84?= Date: Wed, 22 Jun 2022 15:09:43 +0200 Subject: [PATCH] Add a note to the ARM on dnstap & resolver traffic Warn users that server-side IP addresses are not stored in dnstap captures of resolver traffic unless "query-source(-v6)" is explicitly set, explaining why it is so. (cherry picked from commit 366f7a938bb94842460d3f2fbf7aee0967c837a8) --- doc/arm/reference.rst | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/doc/arm/reference.rst b/doc/arm/reference.rst index 68710a1bff..67c8190a71 100644 --- a/doc/arm/reference.rst +++ b/doc/arm/reference.rst @@ -1041,6 +1041,14 @@ default is used. resolver query; }; + .. note:: In the default configuration, the dnstap output for + recursive resolver traffic does not include the IP addresses used + by server-side sockets. This is caused by the fact that unless the + :ref:`query source address ` is explicitly set, + these sockets are bound to wildcard IP addresses and determining + the specific IP address used by each of them requires issuing a + system call (i.e. incurring a performance penalty). + Logged ``dnstap`` messages can be parsed using the :iscman:`dnstap-read` utility (see :ref:`man_dnstap-read` for details).
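Review bot: The added note in doc/arm/reference.rst never names the options it depends on. It only links to the "query source address" section, while the commit message spells out "query-source(-v6)". Suggest naming ``query-source`` and ``query-source-v6`` literally in the note, so that an operator searching the ARM for either option finds this caveat when working out why resolver captures lack an address. As shown here, the :ref: role has link text but no visible angle-bracket target after "query source address", so please confirm the reference resolves in the built documentation. "Server-side sockets" is also ambiguous in a resolver context; the note should state which end of the resolver query these sockets are and which address in the dnstap message is left unset, since anyone using these captures for incident analysis needs to know exactly what is absent.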